RansomHub Ransomware Attack on HLB Puerto Rico LLC Leads to Data Leak

Incident Date: Jul 17, 2024

Attack Overview

VICTIM

HLB Puerto Rico LLC

INDUSTRY

Business Services

LOCATION

Puerto Rico

ATTACKER

Ransomhub

FIRST REPORTED

July 17, 2024

Request Removal

RansomHub Ransomware Attack on HLB Puerto Rico LLC

Overview of HLB Puerto Rico LLC

HLB Puerto Rico LLC is a prominent accounting and consulting firm based in San Juan, Puerto Rico. As a member of HLB International, a global network of independent accounting firms and business advisors, HLB Puerto Rico leverages extensive local expertise and international reach. The firm specializes in tax preparation, bookkeeping, and consulting services, with a particular focus on helping clients navigate Puerto Rico's tax incentives, such as Act 60-2019. The firm is led by Keysha M. Torres Pérez, CPA, and employs a team of professionals dedicated to providing high-quality, personalized financial solutions.

Details of the Ransomware Attack

On July 18, 2024, HLB Puerto Rico LLC fell victim to a ransomware attack orchestrated by the cyber threat group RansomHub. The attack targeted the company's website, hlbpr.com, and resulted in a data leak, although the exact size of the leak remains undisclosed. This incident highlights the increasing threat of ransomware attacks on professional service firms and underscores the need for robust cybersecurity measures within the industry.

About RansomHub

RansomHub is a relatively new ransomware group that has quickly made a name for itself in the cyber threat landscape. Believed to have roots in Russia, RansomHub operates as a Ransomware-as-a-Service (RaaS) group, with affiliates receiving 90% of the ransom money and the main group taking the remaining 10%. The group is known for its use of Golang in its ransomware strains, a trend that is becoming more common in the ransomware world. RansomHub has targeted various countries, including the US, Brazil, Indonesia, and Vietnam, with a notable focus on healthcare-related institutions.

Potential Vulnerabilities and Attack Penetration

While the specific vulnerabilities exploited in the HLB Puerto Rico attack are not publicly known, professional service firms like HLB Puerto Rico are often targeted due to the sensitive financial data they handle. RansomHub likely penetrated the company's systems through common attack vectors such as phishing emails, exploiting software vulnerabilities, or leveraging weak security protocols. The use of AI technology by ransomware groups has also made attacks more effective and increased their frequency, posing significant challenges for organizations in maintaining robust cybersecurity defenses.

Sources

See Halcyon in action

Interested in getting a demo?
Fill out the form to meet with a Halcyon Anti-Ransomware Expert!

Let's get started

First Name

Last Name

Phone Number

Buying Timeframe

halcyon.ai is committed to protecting and respecting your privacy, and we’ll only use your personal information to administer your account and to provide the products and services you requested from us. From time to time, we would like to contact you about our products and services, as well as other content that may be of interest to you. If you consent to us contacting you for this purpose, please tick below to say how you would like us to contact you:

I agree to receive other communications from halcyon.ai and acknowledge Halcyon's privacy policy.

You may unsubscribe from these communications at any time. For more information on how to unsubscribe, our privacy practices, and how we are committed to protecting and respecting your privacy, please review our Privacy Policy.

By clicking submit below, you consent to allow halcyon.ai to store and process the personal information submitted above to provide you the content requested.

Back

Thank you! Your submission has been received!

Oops! Something went wrong while submitting the form.